AI Security Threat Feed
Latest CVEs and GitHub advisories affecting AI/ML systems, updated continuously. Sources: NVD, the GitHub Advisory Database, and the CISA Known Exploited Vulnerabilities (KEV) catalog.
AI/ML CVEs tracked: 1,140
Critical: 171
New this week: 228
In CISA KEV: 2
Latest AI Security Threats
Showing 50 of 377 results (filter: Medium severity). A dash (—) in a column means the feed lists no value for it; EPSS is shown as a rounded percentage.

| Severity | ID | Summary | CVSS | EPSS | Package | Date |
|---|---|---|---|---|---|---|
| Medium | CVE-2026-30886 | New API is a large language model (LLM) gateway... | 6.5 | — | — | Mar 23 |
| Medium | CVE-2026-4538 | A vulnerability was identified in PyTorch 2.10.0.... | 5.3 | — | — | Mar 22 |
| Medium | GHSA-5cxw-w2xg-2m8h | fickling's `platform` module subprocess... | — | — | fickling | Mar 13 |
| Medium | GHSA-r48f-3986-4f9c | fickling modules linecache, difflib and gc are... | — | — | fickling | Mar 13 |
| Medium | CVE-2026-2589 | The Greenshift – animation and page builder... | 5.3 | — | — | Mar 6 |
| Medium | CVE-2026-28277 | LangGraph checkpoint loading has unsafe msgpack... | 6.8 | 0.0% | langgraph | Mar 5 |
| Medium | CVE-2026-28415 | Gradio is an open-source Python package designed... | 4.7 | 0.0% | gradio | Feb 27 |
| Medium | CVE-2026-27167 | Gradio is an open-source Python package designed... | 5.9 | 0.0% | gradio | Feb 27 |
| Medium | CVE-2026-27578 | n8n is an open source workflow automation... | 5.4 | — | n8n | Feb 25 |
| Medium | CVE-2026-27794 | LangGraph: BaseCache Deserialization of Untrusted... | 6.6 | 0.3% | — | Feb 25 |
| Medium | CVE-2026-27795 | LangChain is a framework for building LLM-powered... | 4.1 | — | — | Feb 25 |
| Medium | GHSA-mhc9-48gj-9gp3 | Fickling has safety check bypass via REDUCE+BUILD... | — | — | fickling | Feb 25 |
| Medium | CVE-2026-27482 | Ray dashboard DELETE endpoints allow... | 5.9 | 0.0% | ray | Feb 20 |
| Medium | CVE-2025-12343 | A flaw was found in FFmpeg’s TensorFlow backend... | 5.5 | — | — | Feb 18 |
| Medium | CVE-2026-26019 | LangChain is a framework for building LLM-powered... | 4.1 | — | langchain_community | Feb 11 |
| Medium | CVE-2026-25631 | n8n is an open source workflow automation... | 6.5 | — | n8n | Feb 6 |
| Medium | CVE-2026-25640 | Pydantic AI is a Python agent framework for... | 5.4 | 0.0% | pydantic-ai | Feb 6 |
| Medium | CVE-2026-25054 | n8n is an open source workflow automation... | 5.4 | — | n8n | Feb 4 |
| Medium | CVE-2026-25051 | n8n is an open source workflow automation... | 5.4 | — | n8n | Feb 4 |
| Medium | CVE-2026-1778 | SageMaker Python SDK has Insecure TLS... | 5.9 | 0.0% | sagemaker | Feb 2 |
| Medium | GHSA-m7j5-r2p5-c39r | picklescan vulnerable to arbitrary file create... | — | — | picklescan | Feb 2 |
| Medium | CVE-2025-6208 | llama-index-core vulnerable to Uncontrolled... | 5.3 | 0.0% | llama-index-core | Feb 2 |
| Medium | GHSA-gpx9-96j6-pp87 | TaskWeaver has Protection Mechanism Failure and... | 6.5 | — | — | Jan 28 |
| Medium | CVE-2026-24123 | BentoML is a Python library for building online... | 6.5 | 0.0% | bentoml | Jan 26 |
| Medium | CVE-2025-68492 | Chainlit contains an authorization bypass... | 4.2 | 0.0% | chainlit | Jan 14 |
| Medium | CVE-2025-68949 | n8n is an open source workflow automation... | 5.3 | — | n8n | Jan 13 |
| Medium | CVE-2025-14980 | The BetterDocs plugin for WordPress is vulnerable... | 6.5 | — | — | Jan 9 |
| Medium | CVE-2026-21894 | n8n is an open source workflow automation... | 6.5 | — | n8n | Jan 8 |
| Medium | CVE-2026-21851 | MONAI has Path Traversal (Zip Slip) in NGC... | 5.3 | 0.0% | monai | Jan 6 |
| Medium | CVE-2025-14371 | The Tag, Category, and Taxonomy Manager – AI... | 4.3 | — | — | Jan 6 |
| Medium | GHSA-6556-fwc2-fg2p | Picklescan is vulnerable to RCE through missing... | — | — | picklescan | Dec 30 |
| Medium | GHSA-cffc-mxrf-mhh4 | Picklescan is vulnerable to RCE via missing... | — | — | picklescan | Dec 29 |
| Medium | CVE-2025-68697 | n8n is an open source workflow automation... | 5.4 | — | n8n | Dec 26 |
| Medium | CVE-2025-61914 | n8n is an open source workflow automation... | 5.4 | — | n8n | Dec 26 |
| Medium | CVE-2025-67743 | Local Deep Research is Vulnerable to Server-Side... | 6.3 | 0.0% | — | Dec 23 |
| Medium | CVE-2025-68477 | Langflow is a tool for building and deploying... | 6.5 | 0.0% | langflow | Dec 19 |
| Medium | CVE-2025-63390 | An authentication bypass vulnerability exists in... | 5.3 | — | — | Dec 18 |
| Medium | CVE-2025-13922 | The Tag, Category, and Taxonomy Manager – AI... | 6.5 | — | — | Dec 6 |
| Medium | CVE-2025-13359 | The Tag, Category, and Taxonomy Manager – AI... | 6.5 | — | — | Dec 3 |
| Medium | CVE-2025-13354 | The Tag, Category, and Taxonomy Manager – AI... | 4.3 | — | — | Dec 3 |
| Medium | CVE-2025-62426 | vLLM is an inference and serving engine for large... | 6.5 | 0.1% | vllm | Nov 21 |
| Medium | CVE-2025-62372 | vLLM is an inference and serving engine for large... | 6.5 | 0.1% | vllm | Nov 21 |
| Medium | CVE-2025-12732 | The WP Import – Ultimate CSV XML Importer for... | 4.3 | — | — | Nov 12 |
| Medium | CVE-2025-11972 | The Tag, Category, and Taxonomy Manager – AI... | 4.9 | — | — | Nov 8 |
| Medium | CVE-2025-12360 | The Better Find and Replace – AI-Powered... | 4.3 | — | — | Nov 6 |
| Medium | CVE-2025-12695 | The overly permissive sandbox configuration in... | 5.9 | 0.0% | — | Nov 4 |
| Medium | CVE-2025-12058 | The Keras.Model.load_model method, including when... | — | 0.1% | keras | Oct 29 |
| Medium | CVE-2025-11844 | Hugging Face Smolagents version 1.20.0 contains... | 5.4 | 0.0% | smolagents | Oct 22 |
| Medium | CVE-2025-60511 | Moodle OpenAI Chat Block plugin 3.0.1... | 4.3 | — | — | Oct 21 |
| Medium | CVE-2025-61620 | vLLM: Resource-Exhaustion (DoS) through Malicious... | 6.5 | — | vllm | Oct 7 |
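A feed like this is only useful once it is matched against what you actually run. As an added example (my code, not the feed publisher's), the Python below parses rows in the flattened form the listing exports to, normalizes package names the way pip does so that `langchain_community` and `langchain-community` compare equal, and ranks the advisories that name an installed package by EPSS, then CVSS. The feed rows are a subset copied from the table above; the requirements pin list and its version numbers are constructed for illustration. The feed carries no affected-version ranges, so the output is a worklist, not a verdict: each hit still has to be checked against the advisory itself, and rows with no package field (such as the PyTorch entry) are surfaced separately because name matching cannot see them.

```python
"""Parse flattened threat-feed rows and match them against installed packages.

Added example, not the feed publisher's code. It assumes only the column layout
visible in the listing: severity, ID, summary, CVSS, EPSS, package, date.
"""
import re
from dataclasses import dataclass
from typing import Optional

DASH = "\u2014"  # the feed prints an em dash when a column has no value

# Subset of rows copied from the listing, in the flattened form the page was
# extracted to. Chosen to cover every column shape the feed uses.
FEED_TEXT = (
    "MEDI CVE-2026-28277 LangGraph checkpoint loading has unsafe msgpack... 6.8 0.0% langgraph Mar 5 "
    "MEDI CVE-2026-28415 Gradio is an open-source Python package designed... 4.7 0.0% gradio Feb 27 "
    "MEDI GHSA-mhc9-48gj-9gp3 Fickling has safety check bypass via REDUCE+BUILD... — — fickling Feb 25 "
    "MEDI CVE-2026-26019 LangChain is a framework for building LLM-powered... 4.1 — langchain_community Feb 11 "
    "MEDI CVE-2026-4538 A vulnerability was identified in PyTorch 2.10.0.... 5.3 — — Mar 22 "
    "MEDI CVE-2025-12058 The Keras.Model.load_model method, including when... — 0.1% keras Oct 29 "
    "MEDI CVE-2025-62426 vLLM is an inference and serving engine for large... 6.5 0.1% vllm Nov 21 "
    "MEDI CVE-2025-61620 vLLM: Resource-Exhaustion (DoS) through Malicious... 6.5 — vllm Oct 7"
)

ROW_RE = re.compile(
    r"^(?P<sev>[A-Z]{3,4})\s+"                      # MEDI, HIGH, ... (page-truncated labels)
    r"(?P<id>CVE-\d{4}-\d{4,}|GHSA-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{4})\s+"
    r"(?P<summary>.+?)\s+"                          # free text; may contain dots and backticks
    r"(?P<cvss>\d+\.\d|" + DASH + r")\s+"
    r"(?P<epss>\d+\.\d%|" + DASH + r")\s+"
    r"(?P<pkg>\S+)\s+"                              # package name, or a dash
    r"(?P<date>[A-Z][a-z]{2} \d{1,2})$"
)
# Rows are glued together by whitespace; a new row starts at "<SEV> CVE-" or "<SEV> GHSA-".
ROW_SPLIT_RE = re.compile(r"\s+(?=[A-Z]{3,4}\s+(?:CVE-|GHSA-))")


def normalize(name: str) -> str:
    """PEP 503 name normalization: 'langchain_community' -> 'langchain-community'."""
    return re.sub(r"[-_.]+", "-", name).lower()


@dataclass(frozen=True)
class Advisory:
    severity: str
    advisory_id: str
    summary: str
    cvss: Optional[float]
    epss: Optional[float]    # probability 0..1; the feed shows a rounded percentage
    package: Optional[str]   # normalized, or None when the feed gives a dash
    date: str


def parse_feed(text: str) -> list[Advisory]:
    advisories = []
    for row in ROW_SPLIT_RE.split(text.strip()):
        m = ROW_RE.match(row)
        if m is None:
            raise ValueError(f"unrecognised feed row: {row!r}")
        advisories.append(Advisory(
            severity=m["sev"],
            advisory_id=m["id"],
            summary=m["summary"],
            cvss=None if m["cvss"] == DASH else float(m["cvss"]),
            epss=None if m["epss"] == DASH else float(m["epss"].rstrip("%")) / 100.0,
            package=None if m["pkg"] == DASH else normalize(m["pkg"]),
            date=m["date"],
        ))
    return advisories


def parse_pins(requirements: str) -> dict[str, str]:
    """{normalized name: version} from 'name==version' lines; comments and blanks ignored."""
    pins = {}
    for line in requirements.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            name, _, version = line.partition("==")
            pins[normalize(name)] = version.strip()
    return pins


def match_installed(advisories: list[Advisory], pins: dict[str, str]) -> list[Advisory]:
    """Advisories whose package field names an installed package, most urgent first
    (higher EPSS, then higher CVSS). The feed rows carry no affected-version ranges,
    so every hit still has to be checked against the advisory text itself."""
    hits = [a for a in advisories if a.package in pins]
    return sorted(hits, key=lambda a: (-(a.epss or 0.0), -(a.cvss or 0.0), a.advisory_id))


def unmapped(advisories: list[Advisory]) -> list[Advisory]:
    """Advisories with no package field. Name matching cannot see these; they need a
    manual mapping (the PyTorch row names the product only in its summary)."""
    return [a for a in advisories if a.package is None]


# Constructed pin list for illustration; the version numbers are invented.
REQUIREMENTS = """\
langgraph==0.2.50
gradio==5.0.1
vllm==0.6.0
torch==2.10.0            # PyTorch: no package field in the feed, so never matched by name
langchain-community==0.3.0
requests==2.32.3
"""

if __name__ == "__main__":
    feed = parse_feed(FEED_TEXT)
    pins = parse_pins(REQUIREMENTS)
    for a in match_installed(feed, pins):
        print(f"{a.advisory_id:<20} {a.package:<20} cvss={a.cvss!s:>4} epss={a.epss!s:>6} {a.summary}")
    for a in unmapped(feed):
        print(f"UNMAPPED {a.advisory_id}: {a.summary}")
```

Sorting by EPSS before CVSS is a deliberate choice: EPSS estimates the probability of exploitation in the wild, which is usually a better first-pass triage key than impact alone, and it is exactly the column that is blank for many of these rows, so the sort falls back to CVSS where EPSS is missing. Real feeds are fetched as JSON rather than scraped text; the parsing step is here only because the page presents rows in this flattened form.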